I've been trying to get slapd-meta to failover using multiple URIs but can't get it to work.
Initially I was using 2.4.26, but having seen the report in ITS#7050 I've now built 2.4.32 but the problem is still there as far as I can tell. This bug was quashed in 2.4.29 according to the change log.
In the example below, if host1 is not contactable at the point a search is performed, host2 will be contacted and the result returned correctly but ldapsearch then hangs indefinitely and the server's debug (level 1) output spews the following messages endlessly:
ldap_sasl_bind ldap_send_initial_request ldap_int_poll: fd: 10 tm: 0 502a4634 conn=1001 op=1 <<< meta_search_dobind_init[0]=4 502a4634 conn=1001 op=1 >>> meta_search_dobind_init[0]
Here's the relevant portion of slapd.conf:
database meta suffix dc=local rootdn cn=administrator,dc=local rootpw secret
network-timeout 3
uri ldap://host1:3268/ou=dc1,dc=local uri ldap://host2:3268/ou=dc1,dc=local uri ldap://host3:3268/ou=dc1,dc=local
suffixmassage "ou=dc1,dc=local" "dc=example,dc=com"
idassert-bind bindmethod=simple binddn="cn=proxyuser,dc=example,dc=com" credentials="password"
idassert-authzfrom "dn.exact:cn=administrator,dc=local"
Am I doing something wrong
You are. The above is creating three targets, one pointing to host1, one pointing to host2 and one pointing to host3. The rest of the configuration is associated to the last target, the others are sort of dangling. A correct configuration for failover would be
uri ldap://host1:3268/ou=dc1,dc=local ldap://host2:3268/ ldap://host3:3268/ suffixmassage "ou=dc1,dc=local" "dc=example,dc=com" idassert-bind bindmethod=simple binddn="cn=proxyuser,dc=example,dc=com" credentials="password" idassert-authzfrom "dn.exact:cn=administrator,dc=local"
Note that URIs other than the first one cannot have the DN part (the same of the first URI is assumed).
p.
or has the bug described in ITS#7050 crept back in?
-- Liam Gretton liam.gretton@le.ac.uk HPC Architect http://www.le.ac.uk/its IT Services Tel: +44 (0)116 2522254 University of Leicester, University Road Leicestershire LE1 7RH, United Kingdom